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Sir: 



In response to the Final Rejection dated December 18, 2008 in the above captioned 
matter, please enter the following amendment and response: 



Amendments to the Claims: 



1. (currently amended) A method of mobile Internet Protocol communication 
between a private network and a roaming mobile terminal, said private network 
including a home agent for said roaming mobile terminal and a gateway through which 
said communication passes and which provides security protection for said private 
network, the mobile internet protocols of said communication including security 
association bundles each including a security association between said roaming mobile 
terminal and said gateway for inbound communication and another security association 
for outbound communication, the method comprising the steps of: 

in response to a handover of communication, causing an a care-of IP address (MN 
Co @) of said roaming mobile terminal to change to a new care-of IP address 
(MN New Co @), 

said roaming mobile terminal updates its inbound security association from said 
gateway so that it can receive packets sent to it with said new care-of IP address 
(MN New Co @) as destination, 

said roaming mobile terminal sends a first signalling message with said home agent 
as destination in a secure tunnel to said gateway, 

said first signalling message indicating said new care-of IP address (MN New Co @) 
in secure form to said home agent, 

the inbound security association of said gateway from said roaming mobile terminal 
accepts said first signalling message without checking its source address, 

said gateway forwards said first signalling message within said private network to 
said home agent, 

said home agent checks the validity of said first signalling message and, if it is valid, 
updates its address data and sends a second signalling message to said 
gateway indicating said new care-of IP address (MN New Co @), and 

said gateway updates its outbound security association with said roaming mobile 
terminal in response to the new care-of IP address (MN New Co @) indicated. 
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2. (currently amended) A method as claimed in claim 1, wherein communication 
between said roaming mobile nod e terminal and said gateway is in accordance with an 
IPsec protocol specification. 



3. (currently amended) A method as claimed in claim 2, wherein communication 
between said gateway and said roaming mobile terminal is in accordance with an 
Encapsulating Security Payload protocol used in tunnel mode. 

4. (currently amended) A method as claimed in claim 1, wherein a registration reply 
for said roaming mobile node terminal is included in said second signalling message. 

5. (cancelled). 

6. (cancelled). 

7. (cancelled). 

8. (cancelled). 
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9. (currently amended) A system for mobile Internet Protocol communication 
between a private network and a roaming mobile terminal, said private network 
including a home agent for said roaming mobile terminal and a gateway through which 
said communication passes and which provides security protection for said private 
network, the protocols of said communication including security association bundles 
each including a security association between said roaming mobile terminal and said 
gateway for inbound communication and another security association for outbound 
communication, the system comprising: 

the roaming mobile terminal, in response to a handover of communication, causes 
aft a care-of IP address (MN Co @) of said roaming mobile terminal to change to 
a new care-of IP address (MN New Co @), said roaming mobile terminal updates 
its inbound security association from said gateway so that it can receive packets 
sent to it with said new care-of IP address (MN New Co @) as destination, and 
said roaming mobile terminal sends a first signalling message with said home 
agent as destination in a secure tunnel to said gateway, said first signalling 
message indicating said new care-of IP address (MN New Co @) in secure form 
to said home agent, 

the gateway, with the inbound security association of said gateway from said 
roaming mobile terminal, accepts said first signalling message without checking 
its source address, and forwards said first signalling message within said private 
network to said home agent, 

the home agent checks the validity of said first signalling message and, if it is valid, 
updates its address data and sends a second signalling message to said 
gateway indicating said new care-of IP address (MN New Co @), and 

the gateway updates its outbound security association with said roaming mobile 
terminal in response to the new care-of IP address (MN New Co @) indicated. 
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10. (currently amended) A system as claimed in claim 9, wherein communication 
between said roaming mobile nod e terminal and said gateway is in accordance with an 
IPsec protocol specification. 

1 1 .(currently amended) A system as claimed in claim 10, wherein communication 
between said gateway and said roaming mobile terminal is in accordance with an 
Encapsulating Security Payload protocol used in tunnel mode. 

12. (currently amended) A system as claimed in claim 9, wherein a registration reply 
for said roaming mobile node terminal is included in said second signalling message. 
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REMARKS 



Reconsideration of this application in light of the present amendment and remarks is 
respectfully requested. 

Claims 1-4 and 9-12 have been rejected. 

Claims 1-4 and 10-12 were objected to. 

Claims 5-8 were previously canceled. 

Claims 1-4 and 9-12 have been amended. 

Claims 1-4 and 9-12 are pending in this application. 

Formal Matters 

Claims 1-4 and 9-12 have been amended in accordance with the examiner's 
recommendations to make the terms consistent. Inasmuch as no new matter has been added, and 
the claims have been corrected in accordance with the Examiner's directions, applicant 
respectfully requests that this amendment after final be entered. 

Accordingly, applicants request that this objection be withdrawn. 

35 U.S.C. S102(e) 

Claims 1-4 and 9-12 have been rejected under 35 U.S.C. § 102(e) as being anticipated by 
Leung et al. (US 7,246,373). This rejection is respectfully traversed. 

The Examiner indicates that the claims do not recite any language limiting the method to 
mobile IP protocol. Claims 1 and 9 have been so amended. This is supported by the 
specification as a whole and by the claims inasmuch as the claims have solely referred to mobile 
terminals concerning IP protocol addressing. 

The Examiner also indicates that the claims do not specify "care-of ' addresses. 
Applicant respectfully disagree in that "MN Co @" refers to "MN care-of address" and that "MN 
New Co @" refers to "MN new care-of address" as referenced in the specification. However, to 
add clarity, the applicants have amended claims 1 and 9 to add this redundant reference. 

The Examiner also indicates that the use of the term "comprising" in the claims allows 
the Examiner to include unrecited elements in rejecting the claims. Applicants respectfully 
disagree and respond that the new amendments to claims 1 and 9 exclude the use of Leung as a 
35 U.S.C. 102 reference. 

Inasmuch as no new matter has been added, and the claims have been corrected in 
accordance with the Examiner's already-considered comments, no new search need be 
performed, and applicant respectfully requests that this amendment after final be entered. 
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Leung presents a solution where the mobility of a roaming mobile node (MN) is handled 
by a corporate Virtual Private Network Gateway (VPN GW), so that the secured tunnel between 
MN and VPN GW is not broken when the MN moves from one point of attachment to the 
Internet to another. In short, Leung consists in having a MN send a mobility notification to the 
VPN GW, which allows it to be assigned the same enterprise IP address by said VPN GW, 
although MN has changed its real IP address. It is very important to note that this solution is not 
based on and explicitly excludes the use Mobile IP as a mobility protocol to handle the mobility 
of MN. Mobile IP is mentioned is the prior art section only of Leung, where it is considered as 
generally unable to allow for secure mobility. As a consequence, Leung invents a new mobility 
protocol, where some (limited) mobility functionality is provided by the VPN GW instead of the 
Mobile IP Home Agent. 

In contrast, the solution provided by claims 1 and 9 explicitly makes Mobile IP and IPsec 
VPN able to work together. Specifically, intelligence is added to the Mobile IP Home Agent (so 
that it can notify the VPN GW about node's mobility) and IPsec VPN GW (so that it can process 
said notification). Being unable to use such a mechanism (due to the lack of a dedicated Home 
Agent entity), Leung relies on explicit mobility notifications from the mobile node itself 
(actually, VPN client part on the mobile node) to the VPN GW. This requires complex additional 
intelligence on the mobile node. On the other hand, the solution provided by applicant's 
invention of claims 1 and 9 simply mandates some loose security policy settings on the Mobile 
Node (which eventually does not affect the security level), without requiring to add intelligence 
to the MN. 

Leung expresses the need for mobility message generation at VPN client side, which is 
not present in applicant's invention. In contrast, applicant's invention requires that a home agent 
be deployed, hence assuming that the MN's mobility should not be handled by the VPN GW but 
by a dedicated mobility entity. 

Applicant's invention describes a security mechanism for dynamically updating the 
endpoint of an IPsec secure tunnel, based on notifications from Mobile IP, and as a result the 
present invention is an enabler for IPsec in a Mobile IP context, unlike the prior art. 

Accordingly, applicant respectfully submits that amended claims 1 and 9 are now in a 
condition for allowance. 

Claim 2-4 and 10-12 are dependent on claims 1 and 9, respectively, hereby incorporated 
by reference, and are therefore deemed allowable as well for the same reasons. 

Applicant respectfully requests that this rejection be withdrawn. 
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The other references of record have been reviewed and applicant's invention is deemed 
patentably distinct and non-obvious over each taken alone or in combination. 

For the foregoing reasons, applicants respectfully request that the above rejections be 
withdrawn. 

Inasmuch as this amendment distinguishes all of the applicants' claims over the prior art 
references, for the many reasons indicated above, passing of this case is now believed to be in 
order. A Notice of Allowance is earnestly solicited. 

No amendment made was related to the statutory requirements of patentability unless 
expressly stated herein. No amendment made was for the purpose of narrowing the scope of any 
claim, unless applicant has argued herein that such amendment was made to distinguish over a 
particular reference or combination of references. 

Authorization is hereby given to charge any fees necessitated by actions taken herein to 
Deposit Account 50-21 17. 



Respectfully submitted, 
Olivereau et al. 



Customer Number 22917 

Motorola, Inc. 
Law Dept. - 3 rd floor 
1303 E. Algonquin Rd. 
Schaumburg, IL 60196 



By: /Brian Mancini/ 
Brian M. Mancini 
Attorney for Applicant(s) 



Registration No. 39,288 
Phone: (847) 576-3992 
FAX: (847) 576-3750 



.8- 



